[Samba] Samba 4.15.5, 4.14.12, 4.13.17 for RHEL/Centos rpm builds

vincent at cojot.name vincent at cojot.name
Mon Jan 31 15:51:15 UTC 2022 

Hi All, I've refreshed the binary+source rpm builds for RHEL/Centos that 
I've been producing in light of the recent security releases:

* 4.13.17 for RHEL7/Centos7:
http://vince.cojot.name/dist/samba/samba-4.13.17/RHEL7

* 4.14.12 and 4.15.5 for RHEL8/Centos8:
http://vince.cojot.name/dist/samba/samba-4.14.12/RHEL8
http://vince.cojot.name/dist/samba/samba-4.15.5/RHEL8

I will not be producing builds of 4.14+ on RHEL7 as it becomes too 
intrusive for RHEL7-based distros (due to gnutls dependencies).

Please don't hesitate to send feedback if you'd like to report an issue or 
ask for improvements.

Regards,

Vincent

On Mon, 31 Jan 2022, Jule Anger via samba wrote:

> Release Announcements
> ---------------------
>
> These are security releases in order to address the following defects:
>
> o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target
>                   of a symlink exists.
> https://www.samba.org/samba/security/CVE-2021-44141.html
>
> o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
> https://www.samba.org/samba/security/CVE-2021-44142.html
>
> o CVE-2022-0336:  Re-adding an SPN skips subsequent SPN conflict checks.
> https://www.samba.org/samba/security/CVE-2022-0336.html
>
>
> Changes
> -------
>
> o  Jeremy Allison <jra at samba.org>
>    * BUG 14911: CVE-2021-44141
>
> o  Ralph Boehme <slow at samba.org>
>    * BUG 14914: CVE-2021-44142
>
> o  Joseph Sutton <josephsutton at catalyst.net.nz>
>    * BUG 14950: CVE-2022-0336
>
>
> #######################################
> Reporting bugs & Development Discussion
> #######################################
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.libera.chat or the
> #samba-technical:matrix.org matrix channel.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.  All bug reports should
> be filed under the Samba 4.1 and newer product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
>
>
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
>
>
>
> ================
> Download Details
> ================
>
> The uncompressed tarballs and patch files have been signed
> using GnuPG (ID AA99442FB680B620).  The source code can be downloaded
> from:
>
> https://download.samba.org/pub/samba/stable/
>
> The release notes are available online at:
>
>         https://www.samba.org/samba/history/samba-4.15.5.html
>         https://www.samba.org/samba/history/samba-4.14.12.html
> https://www.samba.org/samba/history/samba-4.13.17.html
>
> Our Code, Our Bugs, Our Responsibility.
> (https://bugzilla.samba.org/)
>
>                         --Enjoy
>                         The Samba Team
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list